Method, system and apparatus for secure access, payment and identification
First Claim
1. A system for authenticating identities of a plurality of users to enable or prevent an occurrence of an event, the system comprising:
- a first handheld device including;
a biometric sensor programmed to receive a biometric input provided by a user of the first handheld device;
a user interface programmed to receive a user input including secret information known to the user of the first handheld device;
a first wireless transceiver programmed to transmit via a network a first wireless signal including authentication information of a user of the first handheld device; and
a first processor programmed to authenticate the user of the first handheld device based on at least one of the biometric input and the secret information and to include in the authentication information of the user of the first handheld device at least a time-varying non-predictable value generated by the first processor;
a second handheld device including;
a biometric sensor programmed to receive a biometric input provided by a user of the second handheld device;
a user interface programmed to receive a user input including secret information known to the user of the second handheld device;
a second wireless transceiver programmed to transmit via the network a second wireless signal including authentication information of a user of the second handheld device, to communicate information identifying the user of the second handheld device to the first handheld device, and to receive information identifying the user of the first handheld device from the first handheld device; and
a second processor programmed to authenticate the user of the second handheld device based on at least one of the biometric input provided by the user of the second handheld device and the secret information known to the user of the second handheld device, and to include in the authentication information of the user of the second handheld device at least a time-varying non-predictable value generated by the second processor; and
a secure system in communication with each of the first handheld device and the second handheld device via the network, the secure system including;
a communication interface programmed to receive each of the authentication information of the user of the first device and the authentication information of the user of the second device via the network;
a database that stores authentication information concerning the plurality of users including at least a portion of biometric information for each of the plurality of users, respectively; and
a processor programmed to authenticate an identity of the user of the first handheld device, by comparing the non-predictable value generated by the first handheld device to authentication information included in the database to determine whether the non-predictable value generated by the first handheld device corresponds to a user allowed to access the first handheld device,
wherein the processor is programmed to authenticate an identity of the user of the second handheld device, by comparing the non-predictable value generated by the second handheld device to authentication information included in the database to determine whether the non-predictable value generated by the second handheld device corresponds to a user allowed to access the second handheld device,
wherein the secure registry is programmed to transmit via the network a first non-predictable value to the first handheld device to authenticate the secure registry to the first handheld device,
wherein the secure registry is programmed to transmit via the network a second non-predictable value to the second handheld device to authenticate the secure registry to the second handheld device,
wherein the first wireless transceiver is programmed to transmit the information identifying the user of the second handheld device to the secure registry,
wherein the second wireless transceiver is programmed to transmit the information identifying the user of the first handheld device to the secure registry,
wherein the user interface of the first handheld device is programmed to display an image of the user of the second handheld device received from the secure registry via the network to allow the user of the first handheld device to enable an occurrence of the event, and
wherein the user interface of the second handheld device is programmed to display an image of the user of the first handheld device received from the secure registry via the network to allow the user of the second handheld device to enable the occurrence of the event.
Abstract
According to one aspect, the invention provides a system for validating an identity of a user to enable or prevent an occurrence of an event. In one embodiment, the system includes a first device including a wireless transmitter which is configured to transmit validation information, a second device including a wireless receiver, where the second device is configured to receive the validation information and further transmit the validation information; and a secure system in communication with the second device. According to one embodiment, the secure system includes a database. In a further embodiment, the secure system is configured to receive the validation information transmitted from the second device, and to transmit additional information to the second device following a receipt of the validation information to assist the second device in either enabling or preventing the occurrence of the event.
31 Claims
11. A method employing a system to authenticate identities of a plurality of users for purposes of enabling or preventing an occurrence of an event, the system including a first handheld device, a second handheld device each including a wireless transceiver a user interface and a biometric sensor, respectively, and a secure system including a database, the secure system in communication with first handheld device and the second handheld device over a network, the method comprising acts of:
authenticating, with the first handheld device, the user of the first device based on at least one of a biometric input received by the biometric sensor included in the first handheld device and secret information received by the user interface included in the first handheld device;
generating authentication information including a time-varying non-predictable value with the first handheld device based on at least one of the biometric input and the secret information received by the first handheld device;
transmitting the authentication information to the secure system over the network using the wireless transceiver of the first handheld device,
authenticating, with the second handheld device, the user of the second device based on at least one of a biometric input received by the biometric sensor included in the second handheld device and secret information received by the user interface included in the second handheld device;
generating authentication information including a time-varying non-predictable value with the second handheld device based on at least one of the biometric input and the secret information received by the second handheld device;
transmitting the authentication information generated with the second handheld device to the secure system over the network using the wireless transceiver of the second handheld device,
receiving with the wireless transceiver of the second device information identifying the user of the first handheld device wirelessly transmitted from the first handheld device;
transmitting to the first handheld device, with the wireless transceiver of the second handheld device, information identifying the user of the second handheld device;
transmitting to the first handheld device, from the secure system over the network, a first non-predictable value to authenticate the secure system to the first handheld device;
transmitting to the second handheld device, from the secure system over the network, a second non-predictable value to authenticate the secure system to the second handheld device;
receiving at the secure system from the first handheld device, over the network, the information identifying the user of the second handheld device;
receiving at the secure system from the second handheld device, over the network, the information identifying the user of the first handheld device;
authenticating an identity of the user of the first handheld device at the secure system by comparing the non-predictable value generated by the first handheld device to authentication information included in the database to determine whether the non-predictable value generated by the first handheld device corresponds to a user allowed to access the first handheld device;
authenticating an identity of the user of the second handheld device at the secure system by comparing the non-predictable value generated by the second handheld device to the authentication information included in the database to determine whether the non-predictable value generated by the second handheld device corresponds to a user allowed to access the second handheld device;
receiving via the wireless transceiver at the first device an image of the user of the second device from the secure system to allow the user of the first handheld device to either enable or prevent the occurrence of the event; and
receiving via the wireless transceiver at the second device an image of the user of the first device from the secure system to allow the user of the second handheld device to either enable or prevent the occurrence of the event.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
23. A system for authenticating identities of at least one entity to enable or prevent an occurrence of an event, the system comprising:
- a first handheld device including;
a biometric sensor programmed to receive a biometric input provided by a user of the first handheld device;
a user interface programmed to receive a user input including secret information known to the user of the first handheld device;
a first wireless transceiver programmed to transmit via a network a first wireless signal including authentication information of a user of the first handheld device; and
a first processor programmed to authenticate the user of the first handheld device based on at least one of the biometric input and the secret information and to include in the authentication information of the user of the first handheld device at least a time-varying non-predictable value generated by the first processor;
a second device including;
a user interface including a display;
a second wireless transceiver programmed to transmit via the network a second wireless signal including authentication information of an entity associated with the second device, and to receive information identifying the user of the first handheld device from the first handheld device; and
a second processor programmed to include in the authentication information of the entity associated with the second device at least a time-varying non-predictable value generated by the second processor; and
a secure system in communication with each of the first handheld device and the second device via the network, the secure system including;
a communication interface programmed to receive each of the authentication information of the user of the first device and the authentication information of the entity associated with the second device via the network;
a database that stores authentication information concerning a plurality of users; and
a processor programmed to authenticate an identity of the user of the first handheld device, by comparing the non-predictable value generated by the first handheld device to authentication information included in the database to determine whether the non-predictable value generated by the first handheld device corresponds to a user allowed to access the first handheld device,
wherein the processor is programmed to authenticate an identity of the entity associated with the second device, by comparing the non-predictable value generated by the second device to authentication information included in the database to determine whether the non-predictable value generated by the second device corresponds to an entity allowed to access the second device,
wherein the secure registry is programmed to transmit via the network a first non-predictable value to the second device to authenticate the secure registry to the second device,
wherein the second wireless transceiver is programmed to transmit the information identifying the user of the first handheld device to the secure registry, and
wherein the user interface of the second device is programmed to display an image of the user of the first handheld device received from the secure registry via the network to allow a user of the second device to enable the occurrence of the event.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31
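The exchange recited in claim 11, sketched as an added example that is not taken from the patent or its specification: each device checks its user locally, sends a time-varying value plus the peer's identifier to the registry, and shows the peer's image only after verifying the registry's own value. The HMAC-SHA256 construction, the 30-second window, the per-user seed, the PIN standing in for "biometric or secret" input, and all class, function and file names are assumptions; the claims do not specify how the non-predictable values are generated.

```python
import hashlib
import hmac

STEP = 30  # seconds per time window (assumed; the claims give no interval)

def code(seed: bytes, label: bytes, now: int) -> str:
    """Time-varying value: HMAC-SHA256(seed, label || counter). Assumed construction."""
    counter = (now // STEP).to_bytes(8, "big")
    return hmac.new(seed, label + counter, hashlib.sha256).hexdigest()[:16]

class Registry:
    """Stands in for the claimed secure system and its database."""
    def __init__(self, users):
        self.users = users  # user_id -> {"seed": bytes, "image": str}

    def verify(self, user_id, value, now, skew=1):
        rec = self.users.get(user_id)
        # Accept adjacent windows to tolerate clock drift; constant-time compare.
        return rec is not None and any(
            hmac.compare_digest(code(rec["seed"], b"device", now + d * STEP), value)
            for d in range(-skew, skew + 1))

    def handle(self, user_id, value, peer_id, now):
        """Verify the sender, then return (registry proof, image of the named peer)."""
        if not self.verify(user_id, value, now) or peer_id not in self.users:
            return None
        proof = code(self.users[user_id]["seed"], b"registry", now)
        return proof, self.users[peer_id]["image"]

class Device:
    def __init__(self, user_id, seed, pin):
        self.user_id, self.seed, self.pin = user_id, seed, pin

    def request(self, entered_pin, peer_id, now):
        """Local user check, then build (own id, time-varying value, peer id)."""
        if not hmac.compare_digest(entered_pin, self.pin):
            return None
        return self.user_id, code(self.seed, b"device", now), peer_id

    def accept(self, reply, now):
        """Check the registry's value before trusting the peer image it sent."""
        if reply is None:
            return None
        proof, image = reply
        return image if hmac.compare_digest(proof, code(self.seed, b"registry", now)) else None

def run_exchange(now=1_700_000_000):
    """Constructed sample data; each device names the peer whose id it received locally."""
    db = {"alice": {"seed": b"A" * 32, "image": "alice.jpg"},
          "bob": {"seed": b"B" * 32, "image": "bob.jpg"}}
    reg = Registry(db)
    a, b = Device("alice", b"A" * 32, "1234"), Device("bob", b"B" * 32, "9876")
    shown_to_a = a.accept(reg.handle(*a.request("1234", b.user_id, now), now), now)
    shown_to_b = b.accept(reg.handle(*b.request("9876", a.user_id, now), now), now)
    return shown_to_a, shown_to_b
```

Because the value is bound to a time window, a captured value stops verifying once the window plus the allowed skew has passed, and a device discards any reply whose registry value it cannot recompute.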
Specification